Microsoft VM and ActiveX Bug in IE

by Wayne Maples [Published on 20 April 2004 / Last Updated on 20 April 2004]

Microsoft VM builds prior to build 3318 allow access to ActiveX controls that should not be available (discovered in Oct 2000). See Q275609 and MS00-075 for background on the vulnerability. There are upgraded versions of the VM for all OS versions supporting IE.

No big deal but there is a new trojan that does significant damage to the Windows registry IF you have windows scripting host (which W2K does and NT if you installed it):

Trojan horse breaks Windows PCs

McAfee

Synamtec

To see if you are vulnerable and need to upgrade your VM in IE:

  • Click Start
  • Click Run
  • Type cmd and hit the enter key
  • At the command prompt, type jview and hit the enter key

The version information will be at the right of the topmost line. It will have a format like "5.00.xxxx", where the "xxxx" is the build number. When I run this on my W2K commandline running IE6, I see:

Microsoft (R) Command-line Loader for Java Version 5.00.3802

Thus my build number is 3802. OK, now I know the build number. How do I tell if I'm affected? Any build 2000-2441 is vulnerable as well as obsolete where as any builds 3000-3187 are vulnerable. If your VM is vulnerable, download a non-vulnerable VM

Featured Links